Bleeping Computer

Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. The flaw was discovered by ...
Bleeping Computer

Exploit released for critical VMware SSH auth bypass vulnerability

Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis tool (formerly known as vRealize Network ...
CSOonline

Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now

Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, giving them free rein on a network. Experts are urging enterprises to ...

Hot on the Heels of Copy Fail, New Linux Bugs Grant Root Privileges

Additional Linux privilege escalation exploits related to long-existing bugs have been disclosed, so patch ASAP.
Ars Technica

Damnit Apple, Patch SSH

It has been almost a week since the SSH exploit/patch came out. This is getting a little ridiculous. I can't completely tell how serious this hole is, but I don't feel too safe leaving SSH enabled on ...
TechSpot

Researchers found a new way to steal SSH encryption keys

Bottom line: Security researchers have devised a new way to steal cryptographic keys in Secure Shell (SSH) computer-to-server communication. Compromised SSH connections could allow bad actors to ...